Specifies that the client is anonymous to the server. This field is constant.

The server can impersonate the client, but the impersonation token will not contain any information.

Default

Specifies that DCOM determines the impersonation level. This field is constant.

DCOM determines the impersonation level, using its normal security-negotiation algorithm.

Delegate

Specifies that the server process can impersonate the client's security context while acting on behalf of the client. This field is constant.

The server process can make outgoing calls to other servers while acting on behalf of the client, using cloaking. The server can use the client's security context on other computers to access local and remote resources as the client. When the process is impersonating the client at this level, the impersonation token can be passed across any number of computer boundaries.

Identify

Specifies that the server can obtain the client's identity. This field is constant.

The server can impersonate the client for access control list (ACL) checking, but it cannot access system objects as the client.

Impersonate

Specifies that the server process can impersonate the client's security context while acting on behalf of the client. This field is constant.

This level of impersonation can be used to access local resources such as files. When the process is impersonating the client at this level, the impersonation token can be passed across only one computer boundary.